ACK: [SRU][Focal/Lunar][PATCH 0/1] CVE-2023-3212
Cengiz Can
cengiz.can at canonical.com
Wed Aug 16 00:11:18 UTC 2023
On 15/08/2023 19:24, Yuxuan Luo wrote:
> [Impact]
> Yang Lan discovered that the GFS2 file system implementation in the
> Linux kernel could attempt to dereference a null pointer in some
> situations. An attacker could use this to construct a malicious GFS2
> image that, when mounted and operated on, could cause a denial of
> service (system crash).
>
> [Backport]
> For Lunar, it is a clean cherry pick.
> For Focal, there is a conflict revolving the `if
> (test_bit(GIF_ALLOC_FAILED, &ip->i_flags)) {` line which requires
> 9e73330f298a (“gfs2: Try harder to delete inodes locally”) commit.
> However, even though the aforementioned conflicting line was modified to
> what it is now in the fix commit, it is not related to the fix, ignore
> it.
>
> [Test]
> Tested via mount and umount gfs2.
>
> [Potential Regression]
> Expect no regression.
>
>
> Bob Peterson (1):
> gfs2: Don't deref jdesc in evict
Acked-by: Cengiz Can <cengiz.can at canonical.com>
>
> fs/gfs2/super.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
More information about the kernel-team
mailing list